From owner-svn-src-head@FreeBSD.ORG Sat Dec 17 21:33:00 2011 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EBD90106566B; Sat, 17 Dec 2011 21:33:00 +0000 (UTC) (envelope-from mdf356@gmail.com) Received: from mail-pz0-f54.google.com (mail-pz0-f54.google.com [209.85.210.54]) by mx1.freebsd.org (Postfix) with ESMTP id B4CD18FC0C; Sat, 17 Dec 2011 21:33:00 +0000 (UTC) Received: by dakp5 with SMTP id p5so4247903dak.13 for ; Sat, 17 Dec 2011 13:33:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=wNvPpwpvlEQ0ZrZGsu8wbX0uGdq5tj9yKTRJgnfzWpw=; b=aiyVyZdcthjNCaCy9OxZLv+ZceRpfbYay4xt3lD28vjStF9ay9D9i1Oc/VdHLgfKMf B76qXfVnkk+XEUrsrg7CRvNJL2wnWbZ5NZXyUnEuINlgpUiPMkXaSPD5i/JgI8AgdspL mhHUrzXizLCgujTHp88R0VDuhJj2D3dUoH8V8= MIME-Version: 1.0 Received: by 10.68.191.70 with SMTP id gw6mr26801227pbc.85.1324157579914; Sat, 17 Dec 2011 13:32:59 -0800 (PST) Sender: mdf356@gmail.com Received: by 10.68.197.198 with HTTP; Sat, 17 Dec 2011 13:32:59 -0800 (PST) In-Reply-To: <201112171314.pBHDEjtQ060509@svn.freebsd.org> References: <201112171314.pBHDEjtQ060509@svn.freebsd.org> Date: Sat, 17 Dec 2011 13:32:59 -0800 X-Google-Sender-Auth: FNBZnnZxpaZONmFpAPdBAhx-dRM Message-ID: From: mdf@FreeBSD.org To: Dimitry Andric Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r228625 - head/usr.bin/csup X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 Dec 2011 21:33:01 -0000 On Sat, Dec 17, 2011 at 5:14 AM, Dimitry Andric wrote: > Author: dim > Date: Sat Dec 17 13:14:44 2011 > New Revision: 228625 > URL: http://svn.freebsd.org/changeset/base/228625 > > Log: > =A0In usr.bin/csup/auth.c, use the correct number of bytes for zeroing th= e > =A0shared secret, and use long long format to snprintf a time_t. If casting is necessary, style prefers intmax_t or uintmax_t, since those are always wide enough. Thanks, matthew > =A0MFC after: =A0 =A01 week > > Modified: > =A0head/usr.bin/csup/auth.c > > Modified: head/usr.bin/csup/auth.c > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D > --- head/usr.bin/csup/auth.c =A0 =A0Sat Dec 17 12:52:58 2011 =A0 =A0 =A0 = =A0(r228624) > +++ head/usr.bin/csup/auth.c =A0 =A0Sat Dec 17 13:14:44 2011 =A0 =A0 =A0 = =A0(r228625) > @@ -254,7 +254,7 @@ auth_makesecret(struct srvrecord *auth, > =A0 =A0 =A0 =A0MD5_Update(&md5, ":", 1); > =A0 =A0 =A0 =A0MD5_Update(&md5, auth->password, strlen(auth->password)); > =A0 =A0 =A0 =A0MD5_Final(md5sum, &md5); > - =A0 =A0 =A0 memset(secret, 0, sizeof(secret)); > + =A0 =A0 =A0 memset(secret, 0, MD5_CHARS_MAX); > =A0 =A0 =A0 =A0strcpy(secret, md5salt); > =A0 =A0 =A0 =A0auth_readablesum(md5sum, secret + strlen(md5salt)); > =A0} > @@ -302,8 +302,9 @@ auth_makechallenge(struct config *config > =A0 =A0 =A0 =A0} > =A0 =A0 =A0 =A0gettimeofday(&tv, NULL); > =A0 =A0 =A0 =A0MD5_Init(&md5); > - =A0 =A0 =A0 snprintf(buf, sizeof(buf), "%s:%ld:%ld:%ld:%d:%d", > - =A0 =A0 =A0 =A0 =A0 inet_ntoa(laddr.sin_addr), tv.tv_sec, tv.tv_usec, r= andom(), pid, ppid); > + =A0 =A0 =A0 snprintf(buf, sizeof(buf), "%s:%lld:%ld:%ld:%d:%d", > + =A0 =A0 =A0 =A0 =A0 inet_ntoa(laddr.sin_addr), (long long)tv.tv_sec, tv= .tv_usec, > + =A0 =A0 =A0 =A0 =A0 random(), pid, ppid); > =A0 =A0 =A0 =A0MD5_Update(&md5, buf, strlen(buf)); > =A0 =A0 =A0 =A0MD5_Final(md5sum, &md5); > =A0 =A0 =A0 =A0auth_readablesum(md5sum, challenge);